SNMP stops working after installing eDirectory 8.8 SP8 on Windows 2012

  • 7015746
  • 06-Oct-2014
  • 08-Oct-2014


NetIQ eDirectory 8.8 SP8


After installing eDirectory on Windows 2012 SNMP system traps are no longer seen.
After SNMP is setup and eDirectory is installed in a Japanese locale, logging into eDirectory results in an Error: -672 (No Access).


In Windows 2012 the SNMP service is deprecated.  Windows now uses the Common Information Model (CIM) which is supported by the Web-Management web services protocol and is implemented as Windows Remote Management.  Further, Service hardening rules have been added for the SNMP services.  By default, SNMP sub-agents will not be able to contact the SNMP master service as they could in Windows 2008.
More information can be found here:
1. First ensure that Interactive Services has been set to 0
  • C:\> REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Windows /v NoInteractiveServices /t REG_DWORD /d 0x0 /f
  • C:\> sc config UI0Detect start= auto
Reboot the system.
2. As mentioned in the Microsoft TID a new utility has been created that will modify the service hardening and firewall rules so that the SA can contact eDirectory and send the traps.  It is included in eDirectory from 8.8 SP8 onward.  The utility, named dssnmpsupport.exe, can be found in the installation directory of eDirectory.  Simply run the utility with no command line options and reboot the server.
This is now a mandatory step to get SNMP working with eDirectory on Windows 2012.